Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/y9uAGCONvqstezPxQAk-PtnGJn8.roa
File: y9uAGCONvqstezPxQAk-PtnGJn8.roa (raw, json)
Hash identifier: 2hQ17lR8xgsu0ik7iAOlbT1BVVZufhuDEjce5om4sWU=
Subject key identifier: CB:DB:80:18:23:8D:BE:AB:2D:7B:33:F1:40:09:3E:3E:D9:C6:26:7F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6BAA12A930C19E508EC8C2CC3CCA4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/y9uAGCONvqstezPxQAk-PtnGJn8.roa
Signing time: Mon 01 Jan 2024 06:29:41 +0000
ROA not before: Mon 01 Jan 2024 06:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48011
IP address blocks: 88.209.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ba:a1:2a:93:0c:19:e5:08:ec:8c:2c:c3:cc:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbdb8018238dbeab2d7b33f140093e3ed9c6267f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:76:ab:55:31:61:0f:3c:6f:d2:fa:15:09:ec:
7a:5d:fc:de:8c:b1:14:f0:a1:b8:97:af:82:25:5b:
50:5f:24:eb:8e:a7:03:81:b2:77:b8:40:5e:b4:3a:
8f:65:a3:51:d6:1a:a3:a4:03:f4:96:92:3c:47:46:
ba:90:09:38:c7:a6:09:c6:cb:36:f6:69:9e:21:67:
34:21:5a:c1:96:da:b0:76:ec:70:20:c7:76:2d:6f:
f1:b9:cb:8e:92:b7:d9:8d:3b:73:7a:f0:eb:cc:20:
2d:ca:64:90:90:1f:8a:67:5e:54:b9:9e:b6:88:d1:
80:96:c4:f5:02:db:f8:aa:be:79:dc:ff:2b:e6:b9:
e6:be:d5:11:13:5e:cf:4f:6f:eb:93:35:5c:e7:e8:
2d:ac:8b:df:44:02:e1:a8:2c:3e:a9:64:5f:9c:c2:
65:27:49:3c:d0:3a:58:d9:2e:af:82:4a:85:bc:d8:
e1:f5:f9:fd:d3:25:ed:77:20:30:30:87:af:61:e1:
a4:be:c9:b3:d9:40:a9:af:6a:32:1e:d8:79:ee:6c:
a2:bb:ea:95:15:fc:49:64:ba:03:bd:d7:3f:73:49:
b7:21:42:b2:ce:50:19:4e:00:f3:66:0a:81:63:0e:
68:1e:ab:02:cd:d6:4a:7b:64:38:13:87:7a:2e:fb:
63:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DB:80:18:23:8D:BE:AB:2D:7B:33:F1:40:09:3E:3E:D9:C6:26:7F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/y9uAGCONvqstezPxQAk-PtnGJn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.249.0/24
Signature Algorithm: sha256WithRSAEncryption
00:09:de:b4:20:ce:ae:16:2d:d7:86:be:d2:4a:59:ed:6c:cf:
3a:60:71:96:46:90:a7:19:dd:fd:7d:ed:bc:c7:77:a9:89:80:
cb:4b:15:da:2a:d6:7c:9a:13:de:0a:67:d0:f8:dd:ef:e0:36:
b1:84:92:97:5d:f9:47:67:05:b6:2d:bb:11:64:4f:cd:d9:82:
89:4d:49:5f:e3:ba:07:d8:89:86:16:08:45:c6:49:ac:84:08:
eb:04:99:5e:99:42:f0:0c:bb:1c:2f:8a:31:9e:78:a8:54:5d:
48:2e:9d:cd:a4:04:03:cd:8c:15:ce:0e:78:a2:00:4d:6f:8f:
c4:75:76:73:94:5c:1a:a3:f3:dc:cb:d5:65:d3:fe:04:da:52:
b1:70:5d:77:e9:8a:cc:ba:d9:01:2d:19:75:a0:42:e7:0c:3b:
60:4f:9f:be:51:cf:af:97:3d:c1:33:d1:49:27:ba:05:37:fc:
a8:10:40:57:fe:04:5c:3a:3c:44:57:a3:1c:fd:32:86:1f:68:
e3:fe:40:73:e9:c9:60:d2:d5:45:99:5e:a6:06:28:1c:b9:7a:
f6:5d:8d:d8:2e:00:70:4e:51:bc:ac:f1:b7:ab:d5:2b:7c:bd:
e3:e8:fd:98:bf:fa:66:f2:23:09:7d:4b:1d:05:96:13:b4:87:
2b:8f:45:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtrqhKpMMGeUI7Iwsw8ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRiODAxODIzOGRiZWFiMmQ3YjMzZjE0MDA5M2UzZWQ5YzYyNjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznarVTFhDzxv0voVCex6XfzejLEU
8KG4l6+CJVtQXyTrjqcDgbJ3uEBetDqPZaNR1hqjpAP0lpI8R0a6kAk4x6YJxss2
9mmeIWc0IVrBltqwduxwIMd2LW/xucuOkrfZjTtzevDrzCAtymSQkB+KZ15UuZ62
iNGAlsT1Atv4qr553P8r5rnmvtURE17PT2/rkzVc5+gtrIvfRALhqCw+qWRfnMJl
J0k80DpY2S6vgkqFvNjh9fn90yXtdyAwMIevYeGkvsmz2UCpr2oyHth57myiu+qV
FfxJZLoDvdc/c0m3IUKyzlAZTgDzZgqBYw5oHqsCzdZKe2Q4E4d6LvtjywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvbgBgjjb6rLXsz8UAJPj7ZxiZ/MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveTl1QUdDT052cXN0ZXpQeFFBay1QdG5HSm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH5MA0G
CSqGSIb3DQEBCwUAA4IBAQAACd60IM6uFi3Xhr7SSlntbM86YHGWRpCnGd39fe28
x3epiYDLSxXaKtZ8mhPeCmfQ+N3v4DaxhJKXXflHZwW2LbsRZE/N2YKJTUlf47oH
2ImGFghFxkmshAjrBJlemULwDLscL4oxnnioVF1ILp3NpAQDzYwVzg54ogBNb4/E
dXZzlFwao/Pcy9Vl0/4E2lKxcF136YrMutkBLRl1oELnDDtgT5++Uc+vlz3BM9FJ
J7oFN/yoEEBX/gRcOjxEV6Mc/TKGH2jj/kBz6clg0tVFmV6mBigcuXr2XY3YLgBw
TlG8rPG3q9UrfL3j6P2Yv/pm8iMJfUsdBZYTtIcrj0U/
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:16:00 2024 by rpki-client on console-fra.rpki-client.org